MySQL Database Audit by DataSunrise
DataSunrise Data Audit for MySQL database enables real-time tracking of changes with data, database structure and user actions. Audit records include database operations performed, who performed the operation and when, as well as all the attributes of the operation.
According to information security regulations, affected organizations are obliged to implement data audit solutions that provide comprehensive data on all actions performed with personally identifiable information. Audit logs are stored in an internal or external database for further examination or forensic purposes. There is a feature to generate specialized reports for specified types of transactions.
Relational database platforms feature native audit capability, which is not often used by DBAs due to creating performance and data management issues. Unlike native audit DataSunrise Data Audit allows to monitor database activity without any impact on database or applications and thus doesn’t create any performance or scalability issues. Continuously monitoring database transactions, DataSunrise data audit solution helps DBAs to prevent security threats by notifying about any suspicious transaction that is not on the whitelist.
DataSunrise supports Syslog – the most widely used protocol for message logging. This enables to integrate the firewall with Security Information and Event Management (SIEM) solutions and enhance security analytics capabilities of a used SIEM solution. Integrated with SIEM system Datasunrise helps to achieve full visibility of database transactions and user activity. More detailed information on monitoring feature is available here.
DataSunrise Data Audit retrieves and logs the following data:
- Codes of SQL queries and the results of their execution ;
- Session details;
- Number of rows affected by a query, database errors;
- Data on client applications used to query the database.
MySQL audit solution by DataSunrise can be configured to save auditing results in the integrated SQLite database, stand-alone PostgreSQL, Amazon Aurora, Amazon Redshift or MySQL database; or it can export event logs to external SIEM system.